[
https://issues.apache.org/jira/browse/TS-3292?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Susan Hinrichs updated TS-3292:
-------------------------------
Assignee: Lev Stipakov
> Make tr-pass work for SSL port
> ------------------------------
>
> Key: TS-3292
> URL: https://issues.apache.org/jira/browse/TS-3292
> Project: Traffic Server
> Issue Type: New Feature
> Components: Core
> Reporter: Lev Stipakov
> Assignee: Lev Stipakov
>
> As discussed some time ago on IRC, it would be nice to have tr-pass
> functionality for SSL port.
> If SSLAccept returns an error and:
> * tr-pass is set
> * first byte is not ClientHello
> we activate blind tunnel.
> If I understand correctly, the only packet we expect in
> sslServerHandShakeEvent is ClientHello, so it is safe to assume that if first
> byte is not handshake code (0x16), traffic is not SSL.
> I also think that we should start tunnel for all errors, not only
> SSL_ERROR_SSL, because if first packet is smaller than expected ClientHello,
> SSLAccept returns SSL_ERROR_WANT_READ. Subsequent packets will surely
> generate SSL_ERROR_SSL, but I don't think it is necessary to wait for those.
> https://github.com/apache/trafficserver/pull/162
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
